Search the CONFOCAL archive at
http://listserv.acsu.buffalo.edu/cgi-bin/wa?S1=confocal

Greetings,
We have recently been informed by our campus network administration
infrastructure that our Leica SP-2 was running anomolous port scans of
computers across the campus network.  Upon further investigation we
discovered that the Leica workstation had been hacked and was running
software for remote administration and the software for an ftp server
had been installed; other softwares may have been installed as well and
it is possible the hacker was able to log keystrokes for passwords etc.
    As a result of this we have had to pull our system off of the
network until we reformat/reinstall and set up a firewall.
    The security exploit may be related to a hole left by the
Leica-modified version of the SP-6 for NT.  The fact that we cannot run
the latest Micrsoft updates with our SP-2 instrumentation doesn't help
us to argue the case to get our system back on the network.
    The system was breached on March 31st, and we had been experiencing
anomolous crashing behavior when using the microscope lately--this is
probably related to the hack.  Also, it seems that our motherboard is
now damaged (we can't reinstall NT/Leica software).  It is unlikely that
a hacker could break the hardware (we did flash/update the BIOS) but it
is a funny coincidence that the computer is now messed up for good.
    Facilities housing NT based Leica confocal microscopes should take
steps to ensure the security of thier workstations.  The 2.5.1104 build
of the software runs with XP with all the security patches, but requires
a computer hardware upgrade.  Running the unpatched NT system online is
a security liability for an institution and may cause problems with the
funtioning of the microscope. It is possible that damage to computer
hardware can result from a hacking incident.  All of this can translate
into a costs in terms of time, lost data, and finances.
Regards,
Karl G.